accounting for request 12
radius_xlat: '/var/log/radius/radacct/10.1.1.200/detail-20050311'
rlm_detail: /var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
expands to /var/log/radius/radacct/10.1.1.200/detail-20050311
modcall[accounting]: module detail returns ok for request 12
modcall[accounting
You are missing:
aaa authentication network default group radius
The attributes you posted earlier are correct. You can also specify
the VLAN name instead of the number which may help you if the VLAN ids
are different on different networks.
--
DaveD
Thanks for help but my switch doesn't
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am Freitag, 11. März 2005 09:24 schrieb Horschtel:
Thanks for help but my switch doesn't know this command. Is it possible
that the IOS 12.1(11)EA VLAN Assignment with 802.1x not supported?
Yes. Be careful with the IOS versions. Older versions do
I've never used OSX, so I don't know about the no daemons thing, but if
you really really can't run it as a daemon, maybe you could use
daemontools?
http://cr.yp.to/daemontools.html
On Thu, 2005-03-10 at 22:58, Mahesh S Kudva wrote:
Hi All
Running on MacOS X panther, I cannot run
Michael Schwartzkopff wrote:
Thanks for help but my switch doesn't know this command. Is it possible
that the IOS 12.1(11)EA VLAN Assignment with 802.1x not supported?
Yes. Be careful with the IOS versions. Older versions do not have this feature
implemented. You have to install a quite new
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am Freitag, 11. März 2005 15:40 schrieb Vladimir Vuksan:
Michael Schwartzkopff wrote:
Thanks for help but my switch doesn't know this command. Is it possible
that the IOS 12.1(11)EA VLAN Assignment with 802.1x not supported?
Yes. Be careful with
Hi,
I have a problem with Accounting-script-execution in raddb/acct_users :
--
DEFAULT Acct-Status-Type == Stop
Exec-Program = echo PRUEBA /home/pru.txt
--
I don't know if you can do it like that. You could try writing a script
such as this.
#!/bin/sh
/bin/echo PRUEBA
Morning all.
I believe I read not to long ago on the list a thread concerning logging failed
logins and the reasons for the failure so that tech support personnel could
assist customers? I do not recall the eventual outcome and or solution if any.
So, here is a more direct question for
On Fri, 11 Mar 2005, Data Processing Fone Net wrote:
Morning all.
I believe I read not to long ago on the list a thread concerning logging failed
logins and the reasons for the failure so that tech support personnel could
assist customers? I do not recall the eventual outcome and or solution if
We are using FreeRADIUS Version 1.0.2, for host , built on Feb 23 2005 at
15:02:37
We are trying to validate a client XP machine using eap-tls. We
used OpenSSL 0.9.7a Feb 19 2003 to generate the certs. I think we have
everything configured correctly. We followed FreeRADIUS EAP/TLS -
Dear List,
I apologize if this issue has been discussed, but I couldn't find any docs that
help me
out.
I have a network with a cisco 1601R connected to Internet and a radius server
(simply an
ethernet switch with windows workstations, the router and the server running
freeradius).
I'm
TAYLAN KIRAN [EMAIL PROTECTED] wrote:
You say You we only need to enable EAP-TTLS but it does not work. You
can find debug log as following.
...
users: Matched entry deneme at line 152
modcall[authorize]: module files returns ok for request 4
modcall: group authorize returns ok for
Stewart, Bill [EMAIL PROTECTED] wrote:
We still do not get a connection. Following is an excerpt from
radiusd -X Can anyone give me idea what is going on?
The client isn't doing EAP-TLS. There's no mention of it in the
debug log.
rad_check_password: Found Auth-Type System
auth:
This line:
Login incorrect: [00-01-f4-ec-97-29/NOPASSWORD] (from client wapcor001 port
Seems to me to mean that the authenticating workstation lacks an
account in the users file.
Try adding the user id 00-01-f4-ec-97-29 with password NOPASSWORD to
the users file.
-
List
Alan,
Thanks! Here is a better excerp. The 00-01-f4-ec-97-29 is not in
/etc/passwd is from the section trying to validate by mac address. We need
this to validate printers.
rad_recv: Access-Request packet from host 149.158.3.250:1651, id=232,
length=108
Message-Authenticator =
Hi,
I am using mysql to store all calling history form the
cisco nas.
I have some problem with duplicate records in my
radacct table. but always the AcctSessionId are
diffrent to each duplication record here is what i am
getting in my radacct:
386 8e30580b-7-dff63424V1
385
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Radius wrote:
Sure does. We use it from time to time, when our wholesale connections
don't send a good disconnect.
radzap IP-Address S:port [EMAIL PROTECTED]
... Hum ... Not working..
[EMAIL PROTECTED] root]# radwho
Login Name
Stewart, Bill [EMAIL PROTECTED] wrote:
Thanks! Here is a better excerp.
EAP-TLS involves many, many packets going back and forth for one
login session. You've only shown one packet, and there are no
errors visible in it.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Hi,
I have configured the freeRADIUS server on a box B. and I have configured
pam on another box A, so that all logins to the box A will be authenticated
by the radius server (running on box B).
1) I want to get the list of all users configured in a radius server. may be
using pam or some
I have set up FreeRADIUS with PEAP. I tried logging in with a Mac OS X
client however it keeps telling me
eapolclient[4468]: eapmschapv2_success_request: invalid server auth
response
What is confusing is that rlm_eap_peap returns SUCCESS.
modcall: group authenticate returns ok for request 15
Hi,
running FR 1.0.1 with mysql, I'm still seeking for some method to log failed
login with resonable descriptive error messages..
Now, the postauth_query only gives me Access-Reject and the zero session
lenght radacct-entries only have User-Error expanded from
%{Acct-Terminate-Cause}
Isn't
Radius wrote:
Radzap is mainly for the stale radwho that are not there but still
showing loged in.
Yep that user is already logout due to a power cycle/reboot in the NAS.
So radzap is the right tools to get the zombie users off radius.
radwho first to see the one you want.
then do a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dustin Doris wrote:
On Wed, 2 Mar 2005, Chan Min Wai wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chan Min Wai wrote:
Dustin Doris wrote:
the variable for this script is
1) the NAS ip (the dhcp object class)
2) the Client MAC address
Maybe you need to (sometime a .)/usr/local/freeradius/bin/radzap
etc.
Chan Min Wai wrote:
Radius wrote:
Radzap is mainly for the stale radwho that are not there but still
showing loged in.
Yep that user is already logout due to a power cycle/reboot in the NAS.
So radzap is the
24 matches
Mail list logo